Mission 4: The list

Discussion in 'Alpha Versions' started by Mr. Vain, May 28, 2017.

  1. Mr. Vain

    Mr. Vain Active Agent

    Hello everyone, I'm currently stuck on the fourth mission if you can believe it. I've tried jabbing at every single port in this khopesh server and I've been unable to do anything. Can I get a hint please?
    Last edited: May 28, 2017
  2. Orion

    Orion Active Agent

    How many subdomains of the server have you found? Try osintscan for -t 120 to possibly find more subdomains to portscan.
  3. Mr. Vain

    Mr. Vain Active Agent

    ...you know what? I'm an idiot. I put down the wrong mission number for this thread. I'm sorry
    And to answer your question, I found 4 subdomains. Three of them have up to date tech and the forth doesn't even have a port
    Last edited: May 28, 2017
    Orion likes this.
  4. zaelong

    zaelong Moderator

    are you sure you spelled the 4th one correctly?
    when im scanning it shows an open port for each of the subdomains
    Orion likes this.
  5. Orion

    Orion Active Agent

    Looks like your problem subdomain is your culprit. Try working on it some more.
  6. Mr. Vain

    Mr. Vain Active Agent

    You were right, for some reason when I scanned it this time the subdomain had a port... thank you :)
    Orion likes this.
  7. Ruvon

    Ruvon New Agent

    Hi all,

    I just downloaded the Alpha 0.8 and made my way to mission 04 : The List.

    Hum, I did find the right subdomain, found the vulnerability and I'm currently connected to it.

    But what now ? When I run a netscan, no results. I tried every tool I have but I can't find out what's missing.

    I even looked on khopesh.com, found an inactive website about a lot of hacking stuff and a name, tried a password attack but the name doesn't work.

    Could someone be kind enough to throw me a bone here ? Thanks !
  8. zaelong

    zaelong Moderator

    after connecting with the C2 turbine,
    did you run an sfuzzer, and fingerprint on the network?
  9. Ruvon

    Ruvon New Agent

    Thank you for your answer,

    Yep, I did while connected to
    . On the 4 domains I know I ran sfuzzer -t 300 and fingerprint on all of them.

    I can find another vulnerable version except for the one I already know and already used to connect to

    emails.khopesh.com Port 143 Technology xeams Version Vulnerable

    Still looking, but so far I didn't notice any different information from running sfuzzer and/or fingerprint after connecting to
  10. zaelong

    zaelong Moderator

    try "sfuzzer [target] -i -t 300
    i feel like you still havent seen the one domain that you were supposed to see
  11. Ruvon

    Ruvon New Agent

    Ok, got it, thanks a lot for your help zaelong !

    Never thought, by the description of sfuzzer, that the -i will get MORE results, because it says sfuzzer will ONLY return internal network results.

    As I understand it, it means that sfuzzer will get everything (internal and external results) and sfuzzer -i will get ONLY the internal results, so -i could only get a smaller amount of results... Or is my english that bad ?...
  12. TheNorseMan

    TheNorseMan Active Agent

    Your english is fine, that is what one would think but for some reason
    sfuzzer and sfuzzer -i see different things
  13. zaelong

    zaelong Moderator

    its true that the 2nd one gives you less results, but sometimes its better to have fewer if it means those results are more relevant.
    (you already knew about the 4 other results that would be left out, so why would you want to see them again)

Share This Page